Enable SSO authentication to the Banyan Command Center using SAML2.0
Admin access to the Banyan Command Center can be configured for Single Sign On Identity Provider via the SAML2.0 protocol. Most SSO SAML providers can be configured following these instructions, however you can also review step-by-step instructions for Okta and Azure AD.
In your IdP, enter the following values so Banyan is set up as a Service Provider (SP).
A) Single Sign On URL
The Banyan Org Settings page will provide you a Single Sign On (SAML ACS) URL of the form
Place this parameter where your IdP asks for:
B) Assertion Subject Statements
Banyan uses your email address as your username, so set that in the Assertion Subject Statements.
C) Other Notes
Some IdP’s ask for the Service Provider Certificate - this is used to verify the signature of SAML requests, but it is safe to skip this step.
In the Banyan Command Center, in the Org Settings page, set the Identity Provider to
SAML 2.0. Then, enter the following details.
A) Identity Provider Metadata
You can enter either your Identity Provider’s Metadata URL or the “raw” Metadata XML file from your Identity Provider.
Banyan will automatically obtain the IdP SSO URL, IdP Entity ID, IdP x.509 Certificate, IdP Issuer URL and other parameters needed to set up
B) Identity Provider Issuer URL
As a configuration check, also provide the IdP Issuer URL.
C) Save the configuration
Click on the “Update Settings” button to save the configurations.
D) (Optional) Set the Admin Profiles
By default, admins who access the Banyan Command Center using SAML are assigned a “ReadOnly” profile. You can update their profile in the Org Settings section of the Command Center.